Bug 741499

Summary: stacktrace when loading (reloading?) page where rights have been removed.
Product: Red Hat Satellite
Component: WebUI
Version: 6.0.0
Status: CLOSED CURRENTRELEASE
Severity: low
Priority: low
Reporter: Corey Welton <cwelton>
Assignee: Partha Aji <paji>
QA Contact: Katello QA List <katello-qa-list>
CC: mmccune
Keywords: Triaged
Target Milestone: Unspecified
Target Release: Unused
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Last Closed: 2012-08-22 20:54:52 UTC

Description Corey Welton 2011-09-27 04:12:26 UTC
Description of problem:
If a user is on a page and rights have subsequently been removed, reloading the page throws a stacktrace, rather than cleanly displaying a permission denied page.
Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.  Create a user, "aaa"
2.  Create a role granting All Organization permissions; add "aaa" user to this role
3.  In a separate browser, login with user "aaa" and go to Organizations page
4.  In the original browser (as admin), revoke all rights from user "aaa" in the UI
5.  Attempt to reload the Orgs page with user "aaa"  

Actual results:

ArgumentError in Organizations#index

Showing /usr/share/katello/app/views/layouts/katello.haml where line #41 raised:

Invalid level specified or item key not found

Extracted source (around line #41):

38:     - else
39:       #subheader.container_16
40:         %nav.tab_nav
41:           = render_navigation(:expand_all => true, :level => 1)
42:       #maincontent.container_16
43:         %nav.subnav.container_16
44:           = render_navigation(:expand_all => true, :level => 2..3)

Rails.root: /usr/share/katello
Application Trace | Framework Trace | Full Trace

app/views/layouts/katello.haml:41:in `_app_views_layouts_katello_haml___153095593_70252241594080_0'
app/controllers/application_controller.rb:263:in `render_403'
app/controllers/application_controller.rb:262:in `render_403'
app/controllers/application_controller.rb:52:in `__bind_1317096489_494834'
app/controllers/application_controller.rb:460:in `call'
app/controllers/application_controller.rb:460:in `execute_rescue'
app/controllers/application_controller.rb:52:in `__bind_1317096489_494834'

Request

Parameters:

None

Show session dump

Show env dump
Response

Headers:

None

Expected results:
Cleanly handle the permission denied request

Additional info:

Comment 1 Mike McCune 2012-01-26 19:38:11 UTC
mass move to CFSE product.

Comment 2 Partha Aji 2012-02-10 01:42:35 UTC
More cases for this bug
1) User has access to Orgs A,B, C and C is its current org.  Admin revokes access to org C from the user. User when he clicks on any page will automatically be logged out with a message stating
"""
You current organization is no longer valid. It is possible that either the
organization has been deleted or your permissions revoked, please log back in to
continue.
"""

2) User has access to no orgs. Admin then provides access to orgs A, B. The user should immediately get assigned to org A just as he would reload or click any page.
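
The two cases in Comment 2 amount to re-checking the session's current organization against live permissions on every request. The following is an added example in plain Ruby, not Katello's code; `PermissionStore`, `revalidate_session`, the action symbols and the sample data are hypothetical and constructed for illustration:

```ruby
# Added illustration in plain Ruby; all names here are hypothetical, not Katello code.

# Constructed in-memory permission store: user => organizations currently granted.
class PermissionStore
  def initialize(grants = {})
    @grants = Hash.new { |hash, user| hash[user] = [] }
    grants.each { |user, orgs| @grants[user] = orgs.dup }
  end

  def grant(user, org)
    @grants[user] << org unless @grants[user].include?(org)
  end

  def revoke(user, org)
    @grants[user].delete(org)
  end

  def orgs_for(user)
    @grants[user].dup
  end
end

# Re-check the session against live permissions on every request.
# Returns [action, session]; action is :continue, :logout, :assigned or :forbidden.
def revalidate_session(session, store)
  allowed = store.orgs_for(session.fetch(:user))
  current = session[:current_org]

  if current
    return [:continue, session] if allowed.include?(current)
    # Case 1: the current org was revoked or deleted, so end the session.
    return [:logout, {}]
  end

  # Case 2: no current org yet; adopt the first org granted since login.
  return [:assigned, session.merge(current_org: allowed.first)] unless allowed.empty?

  # No rights at all: the caller should answer 403 with a page that does not
  # depend on permission-filtered navigation.
  [:forbidden, session]
end

# Constructed walk-through of case 1.
store = PermissionStore.new("aaa" => %w[A B C])
session = { user: "aaa", current_org: "C" }
store.revoke("aaa", "C")
action, = revalidate_session(session, store)
puts "after revoking C: #{action}"
```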

Comment 5 Corey Welton 2012-02-21 16:45:10 UTC
QA Verified.